Tuesday, October 26, 2010

interoperable remote access for Linux

SourceCan a Linux computer control a LogMeIn computer?
LogMeIn is currently in the open beta phase of testing for our Linux remote control plugin, which will allow users to use their Linux based machine to control Windows and Mac OSX hosts.
For more info, please check out our Labs page for more info.
We have tested on Ubuntu 7.10 and up, OpenSUSE 10.3 and above, and others, but the plugin should work on any LSB 3.1 compatible Linux distribution.
This initial beta supports 32-bit x86 based machines running Firefox 2 or 3. You can find detailed install instructions for quite a few Linux distributions in this forum post.
Alternatively, Linux can also connect to a Windows or Mac OSX host via the use of our legacy Java interface.. To use this, you will need to install the Java Runtime Environment. Most Linux distributions can install this from their Package Managers (RPM for Redhat based, Synaptic for Debian based, etc.). Sun provides an RPM package at the link below.
This implementation is typically done with Firefox as the browser. Click here for an important note regarding enabling the Java plugin for FIrefox on Linux.
If you would like to install manually, or do not use RPM to install packages
sudo apt-get install sun-java6-plugin
or have issues with the package manager install, try installing from source from the following link. Note, when controlling the LogMeIn computer you will need to go to Preferences - Remote Control Settings and disable remote printing then click Apply for the Remote Control feature to load properly and not with errors, since this isn't supported in Java on Linux.

Regarding the response received from Logmein tech: the Java interface does not work as well as the ActiveX interface, so it would be good if they were made aware how many people want an equivalent to the ActiveX interface for Linux.

One advantage that Logmein has over VNC, is that it runs an agent on the target machine, which helps in traversing NAT and firewalls, without having to open ports in your router. It reaches out from behind the firewall and gives you access. With VNC, one has to open a port or two in order to log in. If you already have a ssh port open, you can tunnel through it, without opening extra ports, however when dealing with a family member that's far away and not as computer literate, Logmein is a foolproof solution for supporting those loved ones.

You don't have to configure any firewalls, like adding NAT-entries. The LogMeIn-client which resides on the users computer, periodically 'pings' to the LogMeIn-server over HTTP. So, the LogMeIn-server knows always at what IP-address the client is available, and there is always a path through firewalls to this client (maybe that's called firewall punching or something like that).
logmein provides what is basically a vnc service for free, but they do more than that; the vnc connects out to their server and allows you to vnc past any form of network protection, so instead of vncing to a machine that's port forwarded behind a router; you are connecting and logging into logmein, selecting the computer you want from a list of online computers that you have installed logmein on under your LMI account. Then they allow you to initiate a chat with a user if they've been active recently, or you can just remote control the pc. in the paid (pro) version you can use the print dialog to print document from the remote computer on a local printer. you can do the same for audio, play with a remote audio player and hear locally.
You're able to drag and drop files between logmein and the local computer, and even start "mini meetings" where you invite other people to connect to your logmein and use it as a whiteboard/presentation. they're working on a mac version of the vnc server right now (i think it's in released beta) and the logmein client actually works on most operating systems including linux, but the server is only available for windows and mac(beta)... (they do have a similarish service that is also available for linux, but it is only trial/paid and is billed per a few different periods, two being monthly and yearly (1 month 1-5 licenses 4.95ea, 1 year 1-5 licenses 3.25ea) and is a instant, zero configuration VPN setup, which allows you to manage multiple vpns and join/part/delete them at will per computer basis; i could see this being very convenient in a corporate environment, but i do with it had also been offered for free.

----------------------------------

Accessing my Windows machines at home from my Laptop running Ubuntu:

1] Install WINE

2] Download a portable version of Firefox for Windows

3] Access as before using Firefox for Windows in WINE

----------------------------

If you have a public IP with open ports VNC works great

As far as I am concerned, the free version of VNC (I don't know any other version) doesn't have any of this neat firewall-punching technics of logmein. I found it unpractical to configure VNC unless there is a really important reason for doing so. To make things worse: When the user uses DHCP, as most networks do, setting up VNC really becomes a nightmare. With some smart routers, you can set up a path to a computers name or MAC-address, rather than its IP-address. Or otherwise, you have to assign the specific computer a static IP-address, which is often not an option, or use some esoteric tricks that I do not want to know about.

----------------------------
A much "simpler" way of accessing a remote computer that is behind a firewall. Initiate a "Reverse SSH tunnel" on that computer. It's particularly easy in Ubuntu, here is one of many links that come up in Google:http://articles.techrepublic.com.com...ml?tag=nl.e011
My main complaint about VNC is it's dogslow compared to logmein or nomachine, Even fine tuning for less colors, compression, etc. does not help much but in contrast it is 100% free and you actually know what is happening and it is not provider dependent like logmein.----------------------------

Note: Installation of NX Server for Linux requires the download and installation of three packages: client, node and server. The client is needed because it ships libraries used by the node. The node is needed because it ships tools needed by the server. Furthermore, the SSH server daemon (SSHD) needs to be up and running on each of the NX Node machines since NX relies on the mechanism provided by the SSH subsystem for handling user authentication.

There are services for dynamic IPs (when your ISP changes it, this can be a hassle). The method I use to get them to show locally to each other (without the more sophisticated VPN type setups) is called hamachi. It was bought out by logmein.com and is available for linux/mac/windows and is free.

The reason I state this is that is allows a virtual 2nd nic (atleast under windows) and gets it so that all the computers setup under the client appear to be on one network.

Essentially it is for those of us that know of VPNs (or even those who don't) but want it to work easily and (from what I can tell) securely, oh and free.

The best though I can see is setup tightVNC or NX and hamachi on the linux box in question and simply tunnel using the hamachi IP of the linux box (see hamachi.cc for all the details on mac/linux install) and it will resolve the issue of any IPs that change.

--------------------
I have a remote server set up at a colo facility that I run some sites off of. I set up a virtual server with ssh listening on port 9022, and ports 10000-10199 wide open for incoming connections (no service running on them). Let's call this host "middleman".
Next, I have a script on my laptop (let's call this host "endpoint" by the way) that tries to keep a reverse tunnel open to the ssh server on port 9022 on "middleman". I have it hardcoded for now to forward port 10074 on "middleman" to port 22 on "endpoint".
Finally, I have the NX client loaded on my work desktop and set up to connect to port 10074 on "middleman", and viola, I get my desktop on "endpoint".

So - how to automate this and make it available for others to use, as well as integrate this into a web-based client? I have a mysql and apache server available if anyone has ideas - I can code some stuff and am willing to give others access. If we could write a script for the "endpoint" users to put in their init.d as a service, and automate code to "connect-the-dots" on the "middleman" server, we could have it acting like logmein does.
Now the downside to this. The way I set it up above requires all the traffic to pass through the "middleman". Is there some way to have the "middleman" only negotiate a direct connection between the client and endpoint, and NOT pass all the gui traffic through? I can't imagine that logmein does this, somehow they have to be setting up a direct connection. The bandwidth bill would be huge otherwise.
A sidenote also. I notice that shadow sessions are much slower than regular unix kde or gnome sessions. Anybody know why or how to fix or improve this? It slows down almost to VNC speed when shadowing for me, but a gnome sessions just blaze along like you were at the console.
--------------------
ntrconnect is working exactly the same way like logmein but guess...
It has a Linux server!!!!!
it has a free version without all the features available but the remote desktop is there

Just install it (It has a graphical installation) and then run

Code:

sudo /usr/local/NTR/NTRconnect/NTRservice

But the news are not just good. There is no linux client available! How stupid!??
Anyway I tested that using a windows virtual machine as a client and it worked perfectly
-------------------- http://www.teamviewer.com
The client runs under Wine.xrdp.sourceforge.net/

this should be a resume:
In all cases these solutions have no port or dynamic ip problems.
Q: can i access a Windows machine from linux/windows by browser and without installing anything?
A. yes, just install logmein server in your windows machine
Q: does logmein has a linux server version?
A: right now, it doesn't
Q: how can i access my linux box in a secure form, without port mapping or dynamic ip issues?
A: you can do it in several ways:
1) install hamachi in both machines, and run any remote desktop software you like (any vnc like) using the hamachi ip of the remote machine(these seems to be alternatives to logmein, go ahead and try them)
2) try NoMachineNX http://www.nomachine.com/
3) try Bomgart http://www.bomgar.com/linux/
4) try NTRconnect http://www.ntrconnect.com/
Note: there is gHamachi (a GUI for hamachi in linux)